In my company, after a DDOS against a server, my employer asked me to make an analysis of the attack and to write down some stuff.

What do you think I need to write down in my report?
Is there any available template from a CIRT or another organization that can be used after an incident?
What is the best practice about this kind of report?

In my first analysis i found where the attack was planned (an IRC channel).
I found information about the tool used and the url where the tool can be downloaded.
The attack is made with a LOIC and not with any kind of botnet (as I actually know).
The attack was planned without a hierarchical organization but was organized and maded with the help of people recruited hand-to-hand with the sharing of a little manifesto and the sharing through IRC and twitter of a JPG containing the information on the target and the time of the attack.
I need also to write down some stuff about the people around this attack?

any suggestion?

PLEASE: one-suggestion one-answer, so we can have a community best practice at the end :)